Tech News

Pentagon issued warning warning to use signals before Yemeni group chats failed

The Pentagon warned against using signals in the memo last week. NPR. It cites threats from Russian hackers.

The memo was delivered within a few days before the Atlantic Ocean’s bombshell apocalypse, and its editor-in-chief Jeffrey Goldberg was mistakenly added to the Signal Group chat, which involved detailed discussions on strikes against Houthi rebels. Members in the signal chat include U.S. Secretary of Defense Pete Hegseth and Vice President Judd Vance.

“The Russian professional hacker community is using the 'linked device' feature to monitor encrypted conversations,” the Pentagon wrote in a memo warning warning of the use of signals.

As the name implies, a linked device allows signal users to log in to their account from multiple locations, and incoming and outgoing messages appear on all devices. Since the signals are end-to-end encrypted and the messages are only stored locally on devices with the encryption key, the company first bundles all communications of the user in an encryption package. Then using the QR code, the user can send the encryption key to the new device:

A single encryption key sent from the master device to the new device can complete the job, leading a secure connection through which we can send encrypted data. It turns out that even a simple QR code can solve the problem – the new link device can display a QR code with all the necessary information to guide the process and send encrypted data over a secure connection. Just scan the code from the main device and start.

The Pentagon memo states that hackers can bypass this barrier by creating malicious phishing pages or QR codes related to group chats, which users can send to each other based on invitations. “After accessing the malicious code, the group adds its own device as a linked device. This allows the group to view every message sent by an uninformed user in real time, bypassing end-to-end encryption.”

Both Russia and Ukraine use Telegram, another popular messaging app for private communications, and have been targeted by Russian hackers, which partnered directly with the Kremlin to provide a $5 million exploit bounty.

Signal defends its security practices and outlines the huge length it has made to prevent access to user data. But at the end of the day, neither signal nor end-to-end encryption will protect people who share secret war plans Open group chat. This is a consumer-grade messaging application run by a technology organization and is now used for political communications in major global conflicts. The signal inevitably becomes the target. The government provides secure physical rooms (often called SCIFs), where the reasons for classified information are discussed, and there is also a reason why personal devices are not used in SCIFs. Consumer applications could have been easily and intuitively used, and users can be targeted through methods such as social engineering.

White House Press Secretary Karoline Leavitt, who has been on defense trying to break out of the latest fire, posted on X again on Tuesday, saying no war plans or other classified material was discussed in the chat. An investigation into how journalists can be added to the conversation is still underway.

Some criticized Atlantic editor Goldberg for staying in chat while discussing sensitive information. However, it is hard to be without argument, and Goldberg, as a journalist, has an obligation to inform the public of the general incompetence of the highest power. Also, if everyone else in the chat follows the proper classification material protocol, then Goldberg wouldn't have a story as he might not be invited to the SCIF.



Related Articles

Leave a Reply